Innovations in mobile and digital wallets have resulted in a proliferation of wallet models and solutions. For consumers, mobile payments can take place: at a merchant’s point of sale (POS) using a number of communications technologies (e.g., Near Field Communication (NFC), Magnetic Secure Transmission (MST), QR code, Bluetooth); using a peer-to-peer app; through a merchant’s app (i.e., in-app); or through the mobile browser. For all these scenarios, payment credentials are being stored and transmitted from one entity to the other, and the security of the credentials both on the mobile device or in the cloud, and during the transaction is critical.
The Secure Technology Alliance Payments Council and Mobile Council have led industry discussion on the benefits of mobile payments, security approaches, and implementation considerations for industry stakeholders. Resources include:
- Bluetooth Low Energy 101
- EMVCo Payment Account Reference (PAR) 101: A Primer
- Host Card Emulation (HCE) 101
- Trusted Execution Environment (TEE) 101: A Primer
- NFC Resources. These resources provide guidance and best practices for NFC-enabled mobile payments.
The Alliance affiliated organization, the U.S. Payments Forum, has a Mobile and Contactless Payments Working Committee that works on cross-stakeholder implementation issues and publishes industry resources and best practices.
Additional resources on mobile payments can be found in the Alliance Knowledge Center.